Info regarding MIT 1.8 Crypto modularity feature.

Use Nas usenas at
Fri Aug 13 04:21:02 EDT 2010

In MIT 1.8, i see  the following change/enhancement.
"Crypto modularity -- vendors can more easily substitute their own crypto
implementations, which might be hardware-accelerated or validated to FIPS
140, for the builtin crypto implementation that has historically shipped as
part of MIT Kerberos. Currently, only an OpenSSL provider is included, but
others are planned for the future. "

I want to understand it more. I found that the code has been modularized. I
would like to understand about how does it work? If i want to add vendor
specific encryption what are the changes required .. I believe if i
understand the changes done specific to openssl, i should help me understand
better. Please advise.

Which ticket is used to drop the changes for "crpto modularity" and
"openssl" changes ? And any documentation ?


More information about the krbdev mailing list